diff --git a/models/auth.model b/models/auth.model
deleted file mode 100644
index 4582ab43d..000000000
--- a/models/auth.model
+++ /dev/null
@@ -1,13 +0,0 @@
--- SPDX-FileCopyrightText: 2024 Sarah Vaupel <sarah.vaupel@uniworx.de>
---
--- SPDX-License-Identifier: AGPL-3.0-or-later
-
--- TODO: define AuthenticationSource with json instances to store unique source identifiers per protocol
--- | User authentication data fetched from external user sources
-ExternalAuth
-    user      UserId
-    source    AuthSourceIdent              -- Identifier of the external source in the config
-    data      Value "default='{}'::jsonb"  -- Raw user data from external source
-    lastSync  UTCTime                      -- When was the corresponding User entry last synced with this external source? -- TODO rethink
-    UniqueExternalAuth user source        -- At most one entry of this user per source
-    deriving Show Eq Ord Generic
diff --git a/models/users.model b/models/users.model
index a69e801ef..c8611022e 100644
--- a/models/users.model
+++ b/models/users.model
@@ -49,10 +49,20 @@ User json    -- Each Uni2work user has a corresponding row in this table; create
     prefersPostal         Bool default=false    -- user prefers letters by post instead of email
     examOfficeGetSynced   Bool default=true     -- whether synced status should be displayed for exam results by default
     examOfficeGetLabels   Bool default=true     -- whether labels should be displayed for exam results by default
+    lastSync              UTCTime Maybe         -- When was the User data last synchronised with external sources?
     UniqueAuthentication  ident                 -- Column 'ident' can be used as a row-key in this table
     UniqueEmail email                           -- Column 'email' can be used as a row-key in this table
     deriving Show Eq Ord Generic                -- Haskell-specific settings for runtime-value representing a row in memory
 
+-- | User data fetched from external user sources, used for authentication and data queries
+ExternalUser
+    user      UserId
+    source    AuthSourceIdent              -- Identifier of the external source in the config
+    data      Value "default='{}'::jsonb"  -- Raw user data from external source -- TODO: maybe make Maybe, iff the source only ever responds with "success"?
+    lastSync  UTCTime                      -- When was the external source last queried?
+    UniqueExternalUser user source         -- At most one entry of this user per source
+    deriving Show Eq Ord Generic
+
 UserFunction -- Administratively assigned functions (lecturer, admin, evaluation, ...)
     user     UserId
     school   SchoolId